Currents: Developing Countries Gain from Free/Open-Source Software
Posted on Tuesday, May 20, 2003 by Frederick Noronha
A new report from Finland says that FLOSS use is increasing around the world for business, education and political needs.
Free and open-source software are not only "a useful and significant tool for the developing countries", but clearly have the potential to help democratization and help find solutions to the most pressing problems faced by the populations of developing countries, says a report recently released on the subject.
Set to be released in Finland on May 22, "Free as in Education: Significance of the Free/Libre and Open Source Software for Developing Countries" is authored by the Helsinki-based researcher Niranjan Rajani. Rajani prepared the report in collaboration with Juha Rekola and Timo Mielonen, from the Ministry for Foreign Affairs of Finland, along with OneWorld Finland and KEPA.
"Even a quick look at the use of computers in the education sector, NGOs, alternative media and civil society is enough to convince us of the potential of FLOSS", says the report, which reviews what's going on in Latin America, Africa and Asia. The report points out that students, teachers, journalists and democracy activists have been using computers, e-mail, web publishing, desktop publishing and the Internet to get their messages out to the world, participate in societal debates and acquire as well as disseminate knowledge and skills. "All of that can for sure be done without it, but FLOSS has some intrinsic characteristics that make it a convincing and integral ally of democratization process", adds the report.
The study further says, "FLOSS has a complementary and reciprocal relationship to education. One needs an educated section of the population to fulfil the full potential of FLOSS, and at the same time FLOSS helps, enhances and complements education by providing tools to promote education."
It goes on to point out that, in the case of education in computer sciences, FLOSS provides opportunities that nothing else can: unrestricted access to the source code, an environment of unlimited experimentation and tinkering and collaboration and interaction with a community of programmers, coders and users around the world.
Free software and open source's "inherent qualities" also make it a prime tool for achieving local language educational software, "especially for languages which are not deemed commercially viable for proprietary software vendors". "If the adoption of FLOSS in developing countries is done wisely, it can help stimulate indigenous software industry and create local jobs", says the study. The report then looks at the possibilities of FLOSS playing a role in "reducing conflict, enhancing independence and meeting international obligations".
In Asia, of some 20+ countries looked at, "the highest overall FLOSS related activity" seems to be taking place in countries like India, China and Taiwan, (excluding Japan, which is not object of this study) followed by South Korea, Malaysia, Singapore and Thailand. "[The] rest of the Indian sub-continent (Bangladesh, Pakistan, Sri Lanka, Nepal and others) having a medium level activity, while [the] Arab world (with the exception of Israel) seems to be the least active zone, only Afghanistan and North Korea being at the very end", says the report.
The report adds that in Latin America, Mexico, Brazil and Argentina, have the most FLOSS related activity in overall usage of FLOSS as well as writing code, followed by Colombia, Venezuela and Peru. "The Latin American programmers have made significant contributions to the overall FLOSS projects around the globe", says the study.
In Africa, South Africa tops the list, closely followed by Kenya, Namibia and Nigeria. And significant activity is starting in Ethiopia, Ghana and Zambia. Rajani's report states that "of all the three regions reviewed, Latin America tops in terms of code contribution, but Asia is not far behind, and...South Africa in the African continent is poised for more code contribution in addition to its reasonably high use of FLOSS".
Rajani, a geek with a Master's degree in Philosophy who is originally from Pakistan but is now based in Finland, says three factors "stand out" when asking why third-world countries choose FLOSS: cost, the anti-piracy campaign and security concerns. "Definitely the most overarching factor is the lower cost, despite a well known assertion that people in developing countries don't pay for software anyway. It is true that a large number of users in the developing countries don't and, more importantly, can't really pay for software", says the report, pointing to the phenomenally high price of proprietorial software compared to the average incomes of people in these countries.
The report points out that in the "developing countries", the costs associated with re-training users and hiring skilled people to migrate and run FLOSS based systems are not as high as they are in developed countries because of lower labour costs. More importantly, "people thus employed are locals contributing to the local economy rather than paying expensive software license fees". Many in the developing countries also have realised that not paying for licenses for the software being used cannot go on for ever. "Combined with cost, security is perhaps the most important factor pushing FLOSS in every country outside the United States", the report argues.
But there are obstances too, for FLOSS in third-world countries. First, free and open-source software is relevant to a development effort only if a reasonable investment in ICT infrastructure is made. "If no hardware is available, software is good for nothing", says Rajani.
Factors such as the dearth of trained IT professionals in many South American countries, the lethargy of the bureaucracy acting as another stumbling block and corruption ("despite being extremely cost-effective and of competitive quality, [FLOSS] still is kept out because companies with enough cash can buy off decision-makers") are the other roadblocks. "One thing is sure: FLOSS doesn't corrupt," says Rajani. The brain drain means talent moves away from the "developing countries". But in the case of IT, a software developer could still contribute to the growth of ICT solutions back home.
The full report will be available one May 22 at the following URL: fi.oneworld.net/article/view/56261. The English language version will be available at www.kepa.fi/english.
Plans are being made to move this report ahead collaboratively "using the FLOSS model (so that it) can be developed further over the coming months and years". Rajani writes in the report, "The hope is to put these reports on-line and to fill in the blanks by people from the concerned regions."
Frederick Noronha is a freelance writer living in Goa, India.
"Developing Countries Gain from Free/Open-Source Software" | Login/Create an Account | 14 comments
Threshold Refresh
Post Comment
The comments are owned by the poster. We aren't responsible for their content.
My experiences trying to leverage the power of Linux in the enterprise (Score: 0)
by Anonymous on Tuesday, May 20, 2003
I used to work as a consultant for a Fortune 500 company (more than 10,000 employees). As an expert in the field of IT consulting, I think I can shed a little light on the current climate of the open source community, and Linux in particular. The main reason that open source software, and Linux in particular, is failing is due to the underlying immaturity of the technology and the perception of the viral GNU license.
I know that the above statements are strong, but I have hard facts to back it up with. At the Fortune 500 company that I worked for, we wanted to leverage the power of Linux and associated open source technologies to benefit our server pool. The perception that Linux is “free” was too much to ignore. I recommended to the company that we use the newest version of Linux, version 9.0. My expectations were high that it would outperform our current solution at the time, Windows2000, which was doing an absolutely superb job (and still is!) serving as web, DNS, and FTP servers.
I felt that I was up to the job to convert the entire server pool to the Linux technology. I had several years experience programming VB, C#, ASP, and .NET Framework at the kernel level. I didn’t use C, because contrary to popular belief, ASP and VB can go just as low level as C can, and the latest .NET VB compiler produces code that is more portable and faster than C. I took it upon myself to configure and compile all of the necessary shareware versions of software that we needed, including sendmail, apache, and BIND. I even used the latest version of gcc (3.1) to increase the execution time of the binaries. After a long chain of events, the results of the system were less than impressive..
The first bombshell to hit my project was that my client found out from another consultant that the GNU community has close ties to former communist leaders. Furthermore, he found out that the ‘x’ in Linux was a tribute to the former Communist philosopher, Carl Marx, whose name also ends in ‘x’. The ne
Read the rest of this comment...
[ Reply to This ]
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Tuesday, May 20, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Tuesday, May 20, 2003
- That's very funny! Nice troll. (n/t) by Anonymous on Tuesday, May 20, 2003
- Re: That's very funny! Nice troll. (n/t) by Anonymous on Tuesday, May 20, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Tuesday, May 20, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Wednesday, May 21, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Wednesday, May 21, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Wednesday, May 21, 2003
- Re: My experiences trying to leverage the power of Linux in the enterprise by Anonymous on Wednesday, May 21, 2003
Re: Developing Countries Gain from Free/Open-Source Software (Score: 0)
by Anonymous on Wednesday, May 21, 2003
As I see, in my country, which is Mexico, I don't see any Open Source
Developing groups or companies--- The major contribution was made by
the most known man in the linux Desktop, Miguel de Icaza followed by
his best friends, Federico Mena, Arturo, etc (mexicans too) but now
they are in the USA.
In the counterpart, Brazil has made very strong contibutions to the open
source community most of this written in Python.
I don't kwno what to say about Argentina but I think that this country
is extremedly affected in its economy to try to solve their economy
with open source business.
finally I think that Latin America could create job opportunities if
good university graduated students get some interest in FLOSS but
staying in the country not going outside wich this is one the most
serious problems in Mexico for years, the brain fugees.
Ahh one final thing-..... Please ignore the first post to this article...
This guy is a MSpupil.
gatuus
[ Reply to This ]
Re: Developing Countries Gain from Free/Open-Source Software (Score: 0)
by Anonymous on Wednesday, May 21, 2003
Where can the full text of the report be found? Ravi Nair.
[ Reply to This ]
- Re: full textfound at www.maailma.kaapeli.fi by Anonymous on Thursday, May 22, 2003
consider: "My experiences trying to leverage the power of Linux in the enterprise" (Score: 0)
by Anonymous on Wednesday, May 21, 2003
Imagine a poster who uses fear mongering based on a letter in a name, who departs from common thought on what can only be a political and ridiculous tangent, and purports to represent his experiences representing the object he ridicules.
They must be very scared of a rational decision. Remember this You should decide what you want based on your needs. Dont let others convince you that those needs are gigantic. If other people fulfill the same needs less expensively and you want to save money that is what you should do. The more clear you are with your needs, and the better they are defined the more efficient your computer set up will be.
A $2 CD that costs hundreds of dollars and you dont even get to keep your data in a portable format! Is obscene.
The richest company in the world that increases its profits in a depression - thats obscene.
Not getting wide government support for people who want to give software to our schools and governments for free. Thats obscene.
Compare that to mature systems that aren't flashy but work really well. Nobody should hide that there is a little learning to do to use some software -- but thats true always.
If you believe in literacy in this world remember that Open Source is the only solution. Closed source is like the parent who reads a book out loud only to hide it when a child needs to learn hisher letters. Its your data and none of their business so pick systems with more respect.
Area businesses warm to idea of trade with Chile. videoconferences on international trade
tampabay.bizjournals.com
Jane Meinhardt
Staff Writer
CLEARWATER -- For a mere $15 each, representatives from 21 companies got a glimpse of possibly lucrative business opportunities in Chile.
They tapped into the pool of Chilean business specialists on the public's payroll, got contacts' names and vital information and learned about the country's regulations -- all without leaving the Tampa Bay area.
The business representatives attended the first in a series of videoconferences on international trade spearheaded by George L. Martinez, director of the U.S. Department of Commerce's regional export assistance center in Pinellas County.
The county's economic development technical staff set up the equipment for the conference's satellite link with business specialists in Chile, providing a group and one-on-one session that lasted just more than two hours.
Firms represented included most business segments, especially medical, information technology and construction.
"It was very cost-effective and informative," said Gary French, director of international sales for Clearwater-based Mercury Medical.
Most of the medical supply and equipment company's business is domestic, and it wants to expand its international market. French found the videoconference was a good entry to opportunities in Chile.
He estimated it would have cost him $1,500 to go to Chile and meet business specialists he communicated with during the conference.
"For 15 bucks, you can't beat it," French said. "I could see who I was dealing with and establish a contact. It was a great way to evaluate opportunities and screen perceptions using public professionals. It was clear, and it was understandable."
The videoconference highlighted information provided by officials working for the U.S. Commercial Services, a commerce department agency that has about 1,800 trade specialists in about 260 cities around the world.
Martinez selected Chile for the initial videoconference because Congress is reviewing a free trade agreement with the country, which would increase the country's market growth potential and export potential.
The agreement, similar to the free trade arrangement with Mexico, would eliminate the average 6-percent duty on U.S. products going into the country, Martinez said.
Florida companies already are doing a $1-billion-a-year export business with Chile, Martinez said. Major exports include medical devices, software, health care products and technology and industrial machinery.
Import business, especially wines and seafood, amounts to about $600 million a year, he said.
"Chile is a market that will grow more," Martinez said. "We presented Chile as a market of opportunity for the Tampa Bay area. It's already a stable, open market, and it will be even more open with the free trade agreement."
The videoconference gave area businesses an overview of the Chilean marketplace and a briefing of the country's economic conditions. Later this year, interested companies will be matched with Chilean businesses via one-on-one videoconferences.
But Nicholas Vouris, sales manager of Santech Inc. in Clearwater, is not waiting.
He attended the videoconference and already drafted a letter to a business specialist at an embassy in Chile, seeking more information and possible contacts.
"We want to develop our business," he said. "We'd like to get representation down there."
Santech employs 25 and manufactures standard and customized light-emitting diode display scoreboards and game monitoring equipment, message boards and video-projected displays.
The company's international projects include scoreboards and similar products in Venezuela, Egypt and China and at the University of Guadalajara, Mexico.
"We have sold all over the world, but 95 percent of our business is through ad agencies or on the Internet," Vouris said. "We're passive marketers and want to change that. The video conference was a good start."
Martinez plans to offer a videoconference with commercial service business specialists in China to counteract the reluctance to travel because of severe acute respiratory syndrome.
"We can help companies continue to do business in China," he said. "They can meet and conduct business virtually."
To reach Jane Meinhardt, call (813) 342-2476 or send your e-mail to jmeinhardt@bizjournals.com.
Offshoring - a new time and a new place for your IT? The very extended enterprise takes shape
silicon.com Special Report - Outsourcing
Thu 15 May 2003 03:48PM BST
We've all heard the stories about far flung call centres in India or coders in Russia, China and elsewhere working for companies while their UK employees are still tucked up in bed. What, apart from cost, are the reasons for offshoring, and is it just a natural extension of outsourcing? Ben King reports.
Unless you’re a very flashy dresser, with a taste for Savile Row suits, it's odds on that most of your clothes were made somewhere far away – the Far East or South America perhaps, maybe Turkey or Morocco but probably not the East End of London.
Where the rag trade leads, the IT business follows, hot on the heels of steel, engineering and almost every other industry, seeking cheap workers beyond the UK's shores.
It began with application development, in cheap overseas code shops, expanding to call centres, application management and full-scale business process outsourcing. Anything can go. The only limiting factor is size, according to Anthony Miller, research director at Ovum Holway. "There are certain overheads that mean that offshoring is only really practical for large corporates. The smallest deals would still be worth several million pounds," he says.
The market is certainly booming. It was the single growth spot in an IT services sector characterised by flat or negative growth. Analysts Ovum Holway estimate the market for work sent offshore from the UK grew 27 per cent last year from £430m to £545m, and forecast a rise to £1bn per year by 2006.
Offshoring often sits together with that other major trend in corporate IT provision, outsourcing. While some companies have set up their own offshore operations, such as BT's offshore joint venture with Mahindra, many do choose outsourcing as a route to offshoring.
Robin Goad, managing analyst at Datamonitor, says: "The vast majority of offshoring is through an outsourcer and even the do-it-yourself efforts normally involve working with a local partner."
The motivations for the two are not necessarily the same - outsourcing is typically justified in terms of focusing on core skills, or increasing visibility of cost, whereas offshoring has been driven by a simple desire to spend less money.
This is a perception that the major offshore vendors are seeking to challenge, as they seek to move up the value chain from labour intensive coding to full business process outsourcing (BPO) and consulting.
Says Srinjay Sengupta, head of Europe at Indian IT giants Infosys: "The general perception was that cost was a major driver but we've really been able to set a benchmark in cost and quality. We complete 90 per cent of our projects on time and on budget." That's quite a claim for a sector known for delays and cost overruns.
Companies 'offshore' almost anything, from data entry and call centers to application development and maintenance. The only thing that can't really be offshored is the human interaction element, anything that involves what Americans call 'face time' - talking to customers, assessing business needs, studying user adoption, graphic design and user experience testing.
Most of the big offshore providers have a presence in the UK, where client interaction and other 'face-time intensive' work is conducted. Design-related aspects of a project would typically be undertaken through a partnership with an onshore design house.
Getting the full benefit of sending work overseas, however, requires a change in the way companies do business. To make the best of the cost savings of sending work offshore, a client needs to minimise the amount of costly 'face-time' a project requires, which means managing the project at arm's length.
Infosys' Sengupta adds: "It’s a lot less optimal if a client wants to micromanage. In the longer term it's up to us to persuade the customer to leave it to the experts."
India has led IT offshoring revolution for a number of reasons. Labour is cheap there and so are other costs. The workforce is vast, and bar the occasional locking of horns with Pakistan, it's relatively peaceful. A network of six elite technical academies of the Indian Institute of Technology produces a stream of highly qualified engineers. But the key element in India's success has been language.
Indian companies like Infosys, TCS and Wipro have been doing it longer than anyone else and now have long track records and lists of reference customers to reassure nervous newcomers to the offshore world.
India represents 90 per cent of the market, according to Gartner estimates, but the cost savings that have made the country such a success are not guaranteed to last for ever.
Vivek Paul, vice-chairman and president of Wipro Technologies, Wipro's global arm, was recently quoted by the AFP news agency as saying: "I personally believe this cost advantage will fritter away as salary costs go up and, more importantly, as the rupee continues to appreciate."
As the demand for talent grows Indian IT staff are beginning to see wage inflation and onshore companies are cutting rates to defend their market share.
South-East Asian nations such as Thailand and Vietnam are also entering the market, seeking to undercut India. With its vast labourforce China will certainly become a player eventually, though language is still a problem and it remains a somewhat difficult place to do business.
Gartner lists a dazzling variety of nations, from Senegal to Venezuela, which are also looking to export IT services. Oddly enough, the big Indian companies are looking to take advantage themselves and move work to cheaper countries to keep their costs low.
While far-flung nations often offer low costs, the cost of doing business at such a remove can absorb a large portion of the saving. India is five and a half hours ahead of the UK, and 14 hours away by plane.
'Near-shoring' represents in some cases an acceptable half-way house. Companies send the work to a nearby country where costs are higher than the UK but lower than at home, but which is easier to visit and communicate with.
For the UK, Ireland - north and south of the border - is the near-shore location of choice. For the US, it might be Canada or Mexico.
Russia has some extremely talented technologists, many of whom are literally former rocket scientists. Other Eastern European countries are also bidding for business. From a European point of view, these nations are conveniently close and have many workers with excellent technical skills, though language is problem from a UK perspective. Cost savings are not as compelling as India, and prices are set to rise with imminent EU membership.
Recent research by Gartner suggests that once various upfront costs are taken into account the savings available from outsourcing a project to India are actually only in the region of 20-30 per cent for the first two years. This is almost exactly what a study from KPMG estimated would be the saving available on near-shoring a project from the US to Canada.
Whether India remains the top dog or the other countries succeed in stealing its crown, IT is heading offshore for good, says Ovum Holway's Miller: "There are not many things that change the name of the game in the IT industry but offshoring is one of them."
Windows 2003 compatibility issues upset some IT pros--Microsoft officials address compatibility issues with Windows Server 2003
By CAROL SLIWA
MAY 05, 2003
Content Type: Story
Source: Computerworld
Some IT managers aren't happy. Others are more understanding. But all of those planning to upgrade to Windows Server 2003 will find that many older versions of Microsoft Corp.'s most popular server applications won't run on the new operating system.
Only SQL Server 2000 with Service Pack 3 can be installed on Windows Server 2003. Users running SQL Server 6.5 or 7.0 will have to upgrade or wait for the SQL release code-named Yukon, which will soon go into beta testing.
Exchange Server users have one choice. The only version that can be installed on the new operating system is Exchange 2003, and it's not due until summer.
"I think Microsoft owes it to their customers to ensure backwards compatibility and interoperability for at least five years," said Derek Gee, vice president and director of system architecture and integration at Ameriquest Mortgage Co. in Orange, Calif.
"Another reason Microsoft should support some of their older versions is to maintain customer loyalty," said Steve Sommer, CIO at Hughes, Hubbard & Reed LLP in New York. "There are some big customers that cannot afford to upgrade right now."
Many users are sympathetic to Microsoft's claims that extensive security, Web server and Active Directory improvements affect not only the operating system but also any applications that rely on it. They said they understand why some older applications won't be supported on Windows Server 2003.
"If it's really a major upgrade, then Microsoft can't be expected to make substantial improvements to the product while at the same time bringing along all its old baggage," said Rich Eber, development service director at Hawaiian Electric Co. in Honolulu.
But if users find that the core Windows server operating system hasn't changed internally as much as Microsoft has portrayed, "there should be a backlash against this lack of support," Eber said.
Neville Teagarden, CIO at Navigant International Inc. in Englewood, Colo., said security has spurred his company to invest time during the past year to get the latest versions of Microsoft software. "My CIO colleagues should be asking themselves whether they can afford the security risks of using older versions of Microsoft products," he said.
Those users who have lagged on upgrades, however, may not be pleased to see that Microsoft won't be supporting older versions of its software on the latest operating system.
"Expecting companies to upgrade everything in their infrastructure to get the features from a single product, in this case Windows 2003, is unrealistic," said Dave Curran, manager of IT at CE Franklin Ltd. in Calgary, Alberta. "This smells of a pure money grab by Microsoft."
Curran said CE Franklin will delay its upgrade to Windows Server 2003 by at least 12 months because of the application compatibility issue. The oil and gas equipment supplier is still running Exchange 5.5 on Windows NT 4.0, and a simultaneous migration would be "too much for us to undertake in a single upgrade," he said.
Alejandro Bombaci, CIO at Empresas Polar, a consumer goods maker and distributor in Caracas, Venezuela, said his company typically migrates the operating system—the "enabler layer"—and then the applications. "Upgrading both at the same time is too risky," he said, although in his case, the upgrades mostly involve non-Microsoft applications.
Most Microsoft server applications will run fine in an environment that has a mix of servers running Windows Server 2003 and Windows Server 2000, said Barry Goffe, group manager of Microsoft's server platform division. Exchange 2000, for instance, can coexist in a Windows Server 2003 environment, as long as it's installed on a server running Windows 2000 with Service Pack 3.
With about 350 code changes in Windows Server affecting Exchange, Microsoft said it decided that customers would be better served if it focused development on Exchange 2003 rather than on updating old versions, so it could take advantage of improvements in Internet Information Server (IIS) 6.0. Exchange 2000 and 2003 rely heavily on IIS for Internet-based protocol services.
But some users are upset by the decision. For example, Rick Weaver, director of technical architecture at Hilton Hotels Corp. in Memphis, said Hilton is running a mix of Exchange 5.5 and 2000 and does slow migrations "because they are extremely painful."
"It would encourage acceptance of the new operating system if the old apps ran on it," Weaver said.
Microsoft applications that will run on Windows Server 2003 include
Application Center 2000 SP2
Blocking a cyberterror attack
Marin Independent Journal
By John Schwartz, New York Times
In the abstract, fighting a war is simple. The enemy and the targets are generally identifiable. But in the war against hackers and virus writers, the combatants are harder to know.
The attacker might be a 14-year-old in Canada, or a co-worker in the accounting department. "You'll have every type of person" practicing the dark arts of programming, said Sarah Gordon, a senior research fellow with the security technology developer Symantec.
As industry and government seek to repel the attacks for which the Internet is a launching pad, much of the effort involves understanding those who unleash malicious code and jiggle digital doorknobs. In the world that emerged after the Sept. 11 attacks, after all, understanding an elusive enemy has become a growing part of confronting a threat.
Security experts have warned for several years that cyberterrorism presents a great potential threat to the United States, with its increasing dependence on computer networks for everything from weapons systems to hydroelectric dams, not to mention the underpinnings of commerce. Richard A. Clarke, a former White House adviser on terrorism, warned even before Sept. 11 of a coming "digital Pearl Harbor."
And new vulnerabilities that could leave the way open to such an attack are being discovered all the time: according to Symantec, the number of software holes reported in the nation's computer networks grew by 80 percent in 2002.
Still, the company says it has yet to record a single cyberterrorist attack - by its definition, one originating in a country on the State Department's terror "watch list." That could be because those inclined to commit terrorist acts do not yet have the know-how to do significant damage, or perhaps because hackers and adept virus writers are not motivated to disrupt networks for a cause. But should the two groups find common ground, the result could be devastating, said Michael A. Vatis, head of the Institute for Security Technology Studies at Dartmouth College.
"There is still a big gap in our actual knowledge of our actual vulnerabilities to a serious attack," he said.
The government is working to close that gap. In the executive branch, cyberdefense is one of the concerns of the new Department of Homeland Security. Within the military, a task force with a $26 million annual budget is studying cyberwarfare for both its defensive and offensive potential, and President Bush has signed a directive, disclosed in February, calling for the military to develop policies to govern the waging of digital war. Regular exercises at the military service academies prepare students to defend military networks against hackers.
For now, though, the quarry in such exercises remains elusive. The most damaging attacks and intrusions, experts say, are typically carried out by disgruntled corporate insiders intent on embezzlement or sabotage, or by individuals - typically young and male - seeking thrills and notoriety.
There was, to be sure, the explicitly political Code Red, a self-reproducing program known as a worm that was unleashed in 2001 to take control of thousands of computers and force them to block access to the White House Web site by flooding government servers with data. Many security experts believe that the program was developed in China in retaliation for the loss of a Chinese jet and its pilot after a collision with an American spy plane. Once the worm was detected, a tweak to the numeric online address for the White House Web site prevented disruption.
Code Red drew attention to cyberattacks as a vehicle for political activism, said Roger Thompson, the director of malicious code research at TruSecure, a computer security company. "Instead of doing it to be jerks and show off to their buddies, they're doing it to make a statement," he said.
But exploits coinciding with the war in Iraq were tame at best. Days before the United States began its air attacks, for example, an American military computer was hacked through a security hole in Microsoft software, according to Russ Cooper, a security expert with TruSecure, but no apparent damage was done. And though a programmer identifying himself as a Malaysian Muslim and calling himself Melhacker warned late last year that he would release a potent new virus on the Internet if the United States invaded Iraq, there has been no sign of it.
"Individuals like Melhacker are considered more smoke than fire," said Ken Dunham, a senior intelligence analyst for iDefense, a computer security company. He said that developing profiles of such "malicious actors" - both general and individual - was helpful in defending against their activities and sometimes even curbing them. In Melhacker's case, he said, the company gained the virus writer's trust and obtained some of his code and tools last fall.
The threats and attacks witnessed recently are the sort of harassment that security experts dismiss as "weapons of mass annoyance." Experts who study the lives and motivations of virus writers and hackers, - and those who have wandered onto the wrong side of the law themselves - say that while some want to push a political view, many are interested in making a splash rather than a statement.
"Many of them probably think, 'Hey, hacking the Iraqi government would make me famous!"' said Seth Pack, a former virus writer who lives in Spartanburg, S.C., and works in the computer security field. Similarly, current viruses are likely to be carried in e-mail with subject lines related to Iraq or the SARS epidemic because they are topical, and virus writers, like all marketers, look for the largest possible audience.
Although some Web sites are chosen as hackers' targets for their political significance - an Iraqi government site was defaced during the war with the message, "Hacked, tracked, and now owned by the U.S.A." - most such vandalism is carried out by hackers using automated programs that simply search for any vulnerable machine, said Vincent Weafer, the senior director of a Symantec security response unit.
Aside from the increase in Web site defacement, he said, the level of virus writing and hacking has not risen sharply in recent weeks. "What we were seeing a month ago is what we're seeing today, and what we'll probably see next month," he said.
Businesses and individuals who take security seriously can protect themselves fairly well against the threat of viruses and hacking, said James Lewis, head of the technology program for the Center for Strategic and International Studies in Washington. "It's going to be irritating," he said, "but it's not going to be the end of the world."
At the same time, the government is taking a less urgent view - at least in what little it says on the subject - than the specter of a "digital Pearl Harbor" might have indicated. The role of cybersecurity adviser has been moved out of the White House and into the new Department of Homeland Security, and Clarke's successor in that role, Howard Schmidt, announced his resignation on Monday. "Nobody is in charge of the issue," Harris N. Miller, president of the Information Technology Association of America, complained after Schmidt's resignation was announced. "Cybersecurity is unique, and does require somebody in charge."
A spokesman for the Homeland Security Department said the administration took cybersecurity seriously, but as part of the overall security puzzle. "Our approach to cyber is it is combined with the other critical infrastructures; it's not a stand-alone," said the spokesman, David Wray. Much of the work in understanding the threat and countering it is being carried out in private industry, think tanks and academia, he said, and the role of government is to "look at the body of work and at the body of evidence and find the ways to make the best use of it."
That puts the primary burden on researchers like Gordon, the security expert with Symantec, who has interviewed hundreds of digital mischief-makers. Experts note significant differences between those who unleash viruses, with potentially widespread but somewhat random effects, and hackers, whose targets are generally specific if arbitrary.
Many of the early virus writers were computer researchers testing the limits of machines in the days before the Internet allowed rogue programs to spread around the world in minutes. But as the information on virus coding moved from the elite to the merely adept, there emerged a generation of "script kiddies" who could cobble together malicious programs from online tips.
Gordon said she had interviewed virus writers as young as 10 and as old as 50. "For a young person starting out, she said, "it's a real challenge to write a program that will re-create itself."
Because the writers tend to be young, they lose interest in the activity at about the time they might be prosecuted as adults for their mischief, Gordon said. Those who write viruses, and those who continue to do so into adulthood, tend to hold an immature point of view, she said. "They don't realize the impact - they don't realize there are real people at the other end of the computers," she said. "They don't tend to recognize the consequences of their actions."
Computer intruders, on the other hand, tend to characterize themselves as explorers. "'Why hack?' That's like 'Why eat?"' said Rafael Nunez, an Internet security consultant in Venezuela who has crossed over from the dark side of computer intrusion, in an e-mail message responding to questions. He now tests companies' security by trying to defeat their network defenses. The allure of hacking, he said, is "the attraction of the unknown, to penetrate, to find out secret things."
Hackers and virus writers can work together, but many have a competitive and acrimonious relationship. "Virus coders are evil," Nunez said. "They want to cause destruction."
A recent virus detected by Sophos, a security firm, seems to embody the tension between hackers and virus coders: the virus, which originated in India, contains text with insults directed at Pakistani hackers. The conflict "took it away from the geopolitical stage and put it into a geek-to-geek stage," said Chris Wraight, a technology consultant with Sophos.
Some of those who pursue the craft say they are blending computer science and art. A Spanish programmer who goes by the online name Jtag said in an e-mail exchange that he found in viruses "some kind of 'artistic' beauty."
"It's like to give 'life' to one creation and this 'life-form' takes control of things, replicating, transforming and giving his own 'touch' to another programs (infecting them)," he wrote.
Wraight of Sophos said a more apt comparison is to a sprayer of graffiti. Virus writers have the potential to spread a message to millions of computers. He expects the trend toward political hacking to continue. "The whole notion of trying to use the world stage for political views is going to grow over time," he said.
And the attacks will grow more potent, said Vatis, who served as the first director of the National Infrastructure Protection Center within the Federal Bureau of Investigation. Referring to the work of the military cyberwar force, he said, "The fact that our own government has offensive information programs that it won't talk about except to acknowledge that they exist - that should tell us something."